Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/p1CHQM2HrCptrM06htOcmRx6UdA.roa
File: p1CHQM2HrCptrM06htOcmRx6UdA.roa (raw, json)
Hash identifier: um1glXl+djKhvYyehzXcNGTBzKjxaKoEL+wpbMKLj80=
Subject key identifier: A7:50:87:40:CD:87:AC:2A:6D:AC:CD:3A:86:D3:9C:99:1C:7A:51:D0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425225AA0F19C68F0A89D99984FD6DE57
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/p1CHQM2HrCptrM06htOcmRx6UdA.roa
Signing time: Thu 02 Jan 2025 03:49:55 +0000
ROA not before: Thu 02 Jan 2025 03:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212164
IP address blocks: 2a0e:b107:1d20::/48 maxlen: 48
2a0e:b107:1d21::/48 maxlen: 48
2a0e:b107:1d22::/48 maxlen: 48
2a0e:b107:1d23::/48 maxlen: 48
2a0e:b107:1d24::/48 maxlen: 48
2a0e:b107:1d25::/48 maxlen: 48
2a0e:b107:1d2a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:5a:a0:f1:9c:68:f0:a8:9d:99:98:4f:d6:de:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7508740cd87ac2a6daccd3a86d39c991c7a51d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:26:3c:fe:04:cc:fa:fb:d0:5d:41:e7:d6:9d:
9a:33:d6:7a:41:f6:65:fc:b0:60:b1:1e:04:5f:28:
28:46:e3:1c:df:69:df:36:a9:b5:46:00:e1:57:f1:
9a:d7:f0:a1:db:ab:28:d1:fa:82:6c:37:73:d3:ef:
d8:cf:58:05:eb:8f:85:a2:ee:cf:f9:6d:5a:94:f1:
31:da:f2:e8:31:75:a9:bf:9d:26:6a:65:f8:6a:19:
40:de:9a:19:5a:e0:81:be:a2:df:c4:7c:dd:20:0a:
a3:c2:a8:f8:db:d7:2a:51:d8:6d:a8:b4:c1:04:9f:
71:d9:bb:99:e5:2e:73:96:6f:81:e6:e7:62:f0:94:
17:20:a2:b1:18:0c:e8:d7:5f:82:9d:4d:aa:d3:52:
78:1a:2a:14:67:50:0a:b0:46:94:aa:0c:63:8e:37:
45:60:77:75:2e:4c:7c:a2:ac:de:e0:b9:f2:4b:b8:
21:43:62:b6:7c:10:4a:f7:93:83:2c:2b:7e:f3:41:
29:2f:0c:79:f0:9a:b1:cc:a2:31:3b:f1:0b:84:3d:
15:92:ed:73:5d:db:5f:e1:50:18:db:8b:86:5e:a8:
55:d0:42:01:ec:14:a7:c2:fe:1a:2b:68:4b:7c:c1:
48:6b:80:39:9e:2d:bc:98:28:bc:ac:8c:bc:86:dd:
45:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:50:87:40:CD:87:AC:2A:6D:AC:CD:3A:86:D3:9C:99:1C:7A:51:D0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/p1CHQM2HrCptrM06htOcmRx6UdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d20::-2a0e:b107:1d25:ffff:ffff:ffff:ffff:ffff
2a0e:b107:1d2a::/48
Signature Algorithm: sha256WithRSAEncryption
4e:3f:c3:d9:69:1e:8e:58:35:ad:48:5d:27:1c:f4:1e:cd:4f:
92:b8:be:0e:b2:e6:f9:38:0f:fe:c9:77:2a:f0:ae:18:43:d2:
84:e6:96:3c:21:3f:75:11:ca:da:f0:bf:30:98:87:bc:b6:c3:
67:e0:b8:82:28:15:ee:dd:9a:c6:8b:a7:71:e1:f0:06:e4:e0:
44:70:f8:c0:10:21:da:80:97:43:08:36:b8:94:4e:8d:5d:43:
77:96:5d:62:f2:92:ef:75:2d:a9:18:6a:24:0c:cb:e1:ea:38:
53:33:b8:c8:2c:c8:60:d4:a7:26:00:bd:0b:74:c1:6e:dd:5c:
f6:98:51:9e:8f:f5:89:2d:df:90:1c:33:03:9f:81:be:93:0c:
86:3c:9f:25:98:0e:dc:3c:95:52:6c:99:b2:e4:1d:7d:9c:e4:
f5:3a:65:41:34:85:6f:ad:0f:89:2f:a6:0e:e9:c8:07:3e:b2:
18:04:1e:77:ab:1f:3f:9a:8b:bb:a5:0d:ce:be:5f:4c:18:b4:
70:0d:02:8c:87:00:da:4e:17:bb:28:a1:0f:f1:b2:af:16:2c:
0b:01:d3:4e:19:5d:61:7a:29:29:94:5a:9a:f5:c7:05:ed:8f:
49:5c:41:80:7b:69:10:91:cc:56:f6:9d:3e:c8:7e:b4:71:af:
2c:1a:bb:7b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlIlqg8Zxo8KidmZhP1t5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzUwODc0MGNkODdhYzJhNmRhY2NkM2E4NmQzOWM5OTFjN2E1MWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriY8/gTM+vvQXUHn1p2aM9Z6QfZl
/LBgsR4EXygoRuMc32nfNqm1RgDhV/Ga1/Ch26so0fqCbDdz0+/Yz1gF64+Fou7P
+W1alPEx2vLoMXWpv50mamX4ahlA3poZWuCBvqLfxHzdIAqjwqj429cqUdhtqLTB
BJ9x2buZ5S5zlm+B5udi8JQXIKKxGAzo11+CnU2q01J4GioUZ1AKsEaUqgxjjjdF
YHd1Lkx8oqze4LnyS7ghQ2K2fBBK95ODLCt+80EpLwx58JqxzKIxO/ELhD0Vku1z
Xdtf4VAY24uGXqhV0EIB7BSnwv4aK2hLfMFIa4A5ni28mCi8rIy8ht1FfQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKdQh0DNh6wqbazNOobTnJkcelHQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcDFDSFFNMkhyQ3B0ck0wNmh0T2NtUng2VWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwUqDrEH
HSADBwEqDrEHHSQDBwAqDrEHHSowDQYJKoZIhvcNAQELBQADggEBAE4/w9lpHo5Y
Na1IXScc9B7NT5K4vg6y5vk4D/7JdyrwrhhD0oTmljwhP3URytrwvzCYh7y2w2fg
uIIoFe7dmsaLp3Hh8Abk4ERw+MAQIdqAl0MINriUTo1dQ3eWXWLyku91LakYaiQM
y+HqOFMzuMgsyGDUpyYAvQt0wW7dXPaYUZ6P9Ykt35AcMwOfgb6TDIY8nyWYDtw8
lVJsmbLkHX2c5PU6ZUE0hW+tD4kvpg7pyAc+shgEHnerHz+ai7ulDc6+X0wYtHAN
AoyHANpOF7sooQ/xsq8WLAsB004ZXWF6KSmUWpr1xwXtj0lcQYB7aRCRzFb2nT7I
frRxrywau3s=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:59:59 2025 by rpki-client